Google Chrome Plans to Thwart Infostealer Malware via App-Bound Encryption

Vlad CONSTANTINESCU

July 31, 2024

Popular web browser Google Chrome has recently introduced app-bound encryption to bolster defenses against infostealer malware attacks and improve protection for cookies and passwords on Windows systems.

New Protection Feature for Windows Users

Chrome employs robust protection techniques to safeguard sensitive data across various operating systems. On macOS it uses Keychain services, on Linux it integrates with system-provided wallets such as gnome-libsecret or kwallet, and on Windows it relies on the Data Protection API (DPAPI).

While DPAPI is effective at protecting data at rest from other users who share the same system and from cold boot attacks, it can’t do much against malicious apps launched as the logged-in user, a technique often used by infostealers.

Restricting Data Access Based on App Identity

With the new App-Bound encryption feature, Chrome plans to encrypt data tied to app identity, restricting data access exclusively to the originating application. This approach is similar to macOS’s Keychain service, which ties encryption to specific app identities.

“We will be migrating each type of secret to this new system starting with cookies in Chrome 127,” Google said in a blog post. “In future releases we intend to expand this protection to passwords, payment data, and other persistent authentication tokens, further protecting users from infostealer malware.”

App-Bound Encryption Using Privileged Windows Service for Authentication

App-bound encryption enhances security using a privileged Windows service to authenticate the application requesting data access. The service embeds the application’s identity within the encrypted data during encryption. When decryption is attempted, the system verifies this identity to ensure it matches the original application and denies the attempt upon detecting a mismatch.

In this scenario, simply running a malicious app under the user’s profile is no longer enough for attackers to reach the protected data. Instead, threat actors must either infiltrate Chrome directly or escalate to system privileges, activities that are conspicuously malicious and more likely to trigger antivirus detections.
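The identity check described above can be modelled in a few lines. This is an added example, not Chrome's or Google's code: the class name, the path-string identity, the sample paths and the HMAC-based stand-in cipher are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample identities; modelling identity as a path string is an assumption.
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
OTHER = r"C:\Users\alice\Downloads\other-app.exe"


class AppBoundService:
    """Toy model of the privileged service; the keys are held only by the service."""

    def __init__(self):
        self.enc_key = os.urandom(32)
        self.mac_key = os.urandom(32)

    def keystream(self, nonce, length):
        # HMAC-SHA256 in counter mode, a stand-in cipher for this model only.
        blocks = (hmac.new(self.enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(length // 32 + 1))
        return b"".join(blocks)[:length]

    def tag(self, data):
        return hmac.new(self.mac_key, data, hashlib.sha256).digest()

    def encrypt(self, caller, secret):
        # Embed the requesting app's identity inside the encrypted payload.
        ident = caller.encode()
        payload = len(ident).to_bytes(2, "big") + ident + secret
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(payload, self.keystream(nonce, len(payload))))
        return nonce + ct + self.tag(nonce + ct)

    def decrypt(self, caller, blob):
        nonce, ct, mac = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(mac, self.tag(nonce + ct)):
            raise ValueError("blob was modified")
        payload = bytes(a ^ b for a, b in zip(ct, self.keystream(nonce, len(ct))))
        n = int.from_bytes(payload[:2], "big")
        ident, secret = payload[2:2 + n], payload[2 + n:]
        # Deny when the caller is not the app recorded at encryption time.
        if not hmac.compare_digest(ident, caller.encode()):
            raise PermissionError("caller does not match originating application")
        return secret
```

In this model the `caller` argument stands for the identity the service itself establishes for the requesting process; a value the requester could simply assert would defeat the check.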

The Importance of Dedicated Security Software

The integration of this feature in Chrome enhances the web browser’s synergy with dedicated antivirus software, creating a robust defense system. Specialized software like Bitdefender Ultimate Security can help you deter digital intrusions, including viruses, Trojans, worms, spyware, ransomware, zero-day exploits, and rootkits.

It also boasts advanced features such as behavioral detection technology, network threat prevention, complete real-time data protection, and web attack prevention modules.
